This new feature uses a granular access control to several folders with the purpose to block changes made from untrusted software.

In the same way than firewalls do with programs that want to make connections (allow/block) Windows Defender uses the same approach to allow/block access to the folders, giving (theoretically) a very good protection to Ransomware attacks.

By default Microsoft has a pre-defined list with the software that is allowed to make changes in protected folders. Users could add new programs that could made changes.